ClientCertAuth Rule
- Rod Widdowson
Owned by Rod Widdowson
Identified by type="ClientCertAuth", this rule enables TLS/SSL client certificate authentication for back-channel SOAP communication to the SP.
Attributes
Name | Type | Default | Description |
|---|---|---|---|
errorFatal | boolean | false | If true, failure to validate a supplied certificate is fatal during message processing. This is distinct from cases where a certificate isn't present. |
Example
<PolicyRule type="ClientCertAuth" errorFatal="true"/>